Chaos' predecessor, BlackSuit, is a rebranding of an earlier ransomware operation known as Royal. Royal, according to Trend Micro, is a splinter group of the Conti ransomware group. The circle of ransomware groups continues.

Federal agencies warn of rising Interlock ransomware attacks targeting healthcare and critical sectors using double extortion and advanced social engineering.

Law enforcement has seized the dark web extortion sites of the BlackSuit ransomware operation, which has targeted and breached the networks of hundreds of organizations worldwide over the past several years.

In May 2023, Royal began testing a new encryptor called BlackSuit, leading to the group's rebranding. Cyber threat intelligence experts believe that only BlackSuit members use the group’s tools, suggesting the group does not operate a ransomware-as-a-service (RaaS) model.

Storm-2603 exploits SharePoint flaws to deploy Warlock ransomware, affecting 400+ victims. Microsoft urges mitigation.

A ransomware attack affecting Russian vodka producer Novabev disrupted its internal IT systems, shutting down over 2,000 liquor stores, including its

Experts applauded the proposed change, which would require ransomware victims to notify authorities when paying a hacker's ransom, arguing that this information can help catch cybercriminals and stop their activities.

The intention is to make critical industries “unattractive targets for criminals,” reducing the frequency and impact of incidents.